KLA10668
File access vulnerability in QlikTech QlikView
Updated: 06/18/2020
Detect date
?
09/16/2015
Severity
?
High
Description

XML external entity vulnerability was found in QlikView at AccessPoint.aspx. By exploiting this vulnerability malicious users can read arbitrary files. This vulnerability can be exploited remotely via a specially designed xml data.

Affected products

QlikTech Qlikview versions earlier than 11.20 SR12

Solution

Update to the latest version
Get QlikView

Impacts
?
RLF 
[?]
Related products
QlikView
CVE-IDS
?
Exploitation

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/38118